sql injection vulnerabilities
Brought to you by:
stevedunstan
Menu
▾
▴
#3 sql injection vulnerabilities
There is a sql injection vulnerability in the url when it parses a get variable because it doesn't validate that variable's type and doesn't escape the string
There's also a similar post vulnerability.
Both are described here:
http://packetstormsecurity.org/files/111868/VL-503.txt
